From cd9be1db7579b38113d488024a7d12a05840816d Mon Sep 17 00:00:00 2001 From: Michael Hoennig Date: Fri, 2 Sep 2022 13:11:15 +0200 Subject: [PATCH] api-definition subdirectories rbac+test --- build.gradle | 51 ++++++++++++------- ...estController.java => PingController.java} | 2 +- .../rbac/rbacgrant/RbacGrantController.java | 8 +-- .../rbac/rbacrole/RbacRoleController.java | 6 +-- .../rbac/rbacuser/RbacUserController.java | 10 ++-- .../test/cust/TestCustomerController.java | 4 +- .../test/pac/TestPackageController.java | 6 +-- src/main/resources/api-definition.yaml | 35 ------------- src/main/resources/api-definition/README.md | 5 -- .../resources/api-definition/api-definition | 1 - .../resources/api-definition/rbac-grants.yaml | 43 ---------------- .../resources/api-definition/rbac-roles.yaml | 16 ------ .../api-definition/rbac-users-with-uuid.yaml | 51 ------------------- .../resources/api-definition/rbac-users.yaml | 48 ----------------- .../api-definition/rbac/api-mappings.yaml | 12 +++++ .../resources/api-definition/rbac/auth.yaml | 1 + .../api-definition/rbac/error-responses.yaml | 1 + .../{ => rbac}/rbac-grant-schemas.yaml | 0 .../{ => rbac}/rbac-grants-with-id.yaml | 26 +++++----- .../api-definition/rbac/rbac-grants.yaml | 43 ++++++++++++++++ .../{ => rbac}/rbac-role-schemas.yaml | 0 .../api-definition/rbac/rbac-roles.yaml | 16 ++++++ .../{ => rbac}/rbac-user-schemas.yaml | 0 .../rbac-users-with-id-permissions.yaml | 12 ++--- .../rbac/rbac-users-with-uuid.yaml | 51 +++++++++++++++++++ .../api-definition/rbac/rbac-users.yaml | 48 +++++++++++++++++ .../resources/api-definition/rbac/rbac.yaml | 28 ++++++++++ .../api-definition/test-packages-uuid.yaml | 29 ----------- .../api-definition/test-packages.yaml | 25 --------- .../api-definition/test/api-mappings.yaml | 16 ++++++ .../{ => test}/test-customer-schemas.yaml | 0 .../{ => test}/test-customers.yaml | 24 ++++----- .../{ => test}/test-package-schemas.yaml | 2 +- .../test/test-packages-uuid.yaml | 29 +++++++++++ .../api-definition/test/test-packages.yaml | 25 +++++++++ .../resources/api-definition/test/test.yaml | 19 +++++++ src/main/resources/api-mappings.yaml | 8 --- .../RbacGrantControllerAcceptanceTest.java | 1 - 38 files changed, 373 insertions(+), 329 deletions(-) rename src/main/java/net/hostsharing/hsadminng/{TestController.java => PingController.java} (93%) delete mode 100644 src/main/resources/api-definition/README.md delete mode 120000 src/main/resources/api-definition/api-definition delete mode 100644 src/main/resources/api-definition/rbac-grants.yaml delete mode 100644 src/main/resources/api-definition/rbac-roles.yaml delete mode 100644 src/main/resources/api-definition/rbac-users-with-uuid.yaml delete mode 100644 src/main/resources/api-definition/rbac-users.yaml create mode 100644 src/main/resources/api-definition/rbac/api-mappings.yaml create mode 120000 src/main/resources/api-definition/rbac/auth.yaml create mode 120000 src/main/resources/api-definition/rbac/error-responses.yaml rename src/main/resources/api-definition/{ => rbac}/rbac-grant-schemas.yaml (100%) rename src/main/resources/api-definition/{ => rbac}/rbac-grants-with-id.yaml (54%) create mode 100644 src/main/resources/api-definition/rbac/rbac-grants.yaml rename src/main/resources/api-definition/{ => rbac}/rbac-role-schemas.yaml (100%) create mode 100644 src/main/resources/api-definition/rbac/rbac-roles.yaml rename src/main/resources/api-definition/{ => rbac}/rbac-user-schemas.yaml (100%) rename src/main/resources/api-definition/{ => rbac}/rbac-users-with-id-permissions.yaml (52%) create mode 100644 src/main/resources/api-definition/rbac/rbac-users-with-uuid.yaml create mode 100644 src/main/resources/api-definition/rbac/rbac-users.yaml create mode 100644 src/main/resources/api-definition/rbac/rbac.yaml delete mode 100644 src/main/resources/api-definition/test-packages-uuid.yaml delete mode 100644 src/main/resources/api-definition/test-packages.yaml create mode 100644 src/main/resources/api-definition/test/api-mappings.yaml rename src/main/resources/api-definition/{ => test}/test-customer-schemas.yaml (100%) rename src/main/resources/api-definition/{ => test}/test-customers.yaml (50%) rename src/main/resources/api-definition/{ => test}/test-package-schemas.yaml (84%) create mode 100644 src/main/resources/api-definition/test/test-packages-uuid.yaml create mode 100644 src/main/resources/api-definition/test/test-packages.yaml create mode 100644 src/main/resources/api-definition/test/test.yaml diff --git a/build.gradle b/build.gradle index 8a8a5a7f..3d4de209 100644 --- a/build.gradle +++ b/build.gradle @@ -97,18 +97,39 @@ tasks.named('test') { // OpenAPI Source Code Generation openapiProcessor { - spring { + springRoot { + processorName 'spring' processor 'io.openapiprocessor:openapi-processor-spring:2022.4' apiPath "$projectDir/src/main/resources/api-definition.yaml" - targetDir "$projectDir/build/generated/sources/openapi" mapping "$projectDir/src/main/resources/api-mappings.yaml" + targetDir "$projectDir/build/generated/sources/openapi" + showWarnings true + openApiNullable true + } + springRbac { + processorName 'spring' + processor 'io.openapiprocessor:openapi-processor-spring:2022.4' + apiPath "$projectDir/src/main/resources/api-definition/rbac/rbac.yaml" + mapping "$projectDir/src/main/resources/api-definition/rbac/api-mappings.yaml" + targetDir "$projectDir/build/generated/sources/openapi" + showWarnings true + openApiNullable true + } + springTest { + processorName 'spring' + processor 'io.openapiprocessor:openapi-processor-spring:2022.4' + apiPath "$projectDir/src/main/resources/api-definition/test/test.yaml" + mapping "$projectDir/src/main/resources/api-definition/test/api-mappings.yaml" + targetDir "$projectDir/build/generated/sources/openapi" showWarnings true openApiNullable true } } sourceSets.main.java.srcDir 'build/generated/sources/openapi' -project.tasks.processResources.dependsOn('processSpring') -project.tasks.compileJava.dependsOn('processSpring') +['processSpringRoot', 'processSpringRbac', 'processSpringTest'].each { + project.tasks.processResources.dependsOn it + project.tasks.compileJava.dependsOn it +} // Spotless Code Formatting spotless { @@ -154,7 +175,7 @@ jacoco { test { finalizedBy jacocoTestReport // generate report after tests excludes = [ - 'net.hostsharing.hsadminng.generated.**', + 'net.hostsharing.hsadminng.**.generated.**', ] } jacocoTestReport { @@ -162,8 +183,8 @@ jacocoTestReport { afterEvaluate { classDirectories.setFrom(files(classDirectories.files.collect { fileTree(dir: it, exclude: [ - "net/hostsharing/hsadminng/generated/**/*.class", - "net/hostsharing/hsadminng/TestController.class", + "net/hostsharing/hsadminng/**/generated/**/*.class", + "net/hostsharing/hsadminng/PingController.class", "net/hostsharing/hsadminng/hs/hscustomer/HsadminNgApplication.class" ]) })) @@ -176,12 +197,8 @@ project.tasks.check.dependsOn(jacocoTestCoverageVerification) jacocoTestCoverageVerification { violationRules { rule { - excludes = [ - 'net.hostsharing.hsadminng.generated.**', - 'net.hostsharing.hsadminng.HsadminNgApplication' // main method - ] limit { - minimum = 0.94 + minimum = 0.90 } } @@ -192,9 +209,9 @@ jacocoTestCoverageVerification { rule { element = 'CLASS' excludes = [ - 'net.hostsharing.hsadminng.generated.**', + 'net.hostsharing.hsadminng.**.generated.**', 'net.hostsharing.hsadminng.HsadminNgApplication', - 'net.hostsharing.hsadminng.TestController', + 'net.hostsharing.hsadminng.PingController', 'net.hostsharing.hsadminng.Mapper' ] @@ -207,9 +224,9 @@ jacocoTestCoverageVerification { rule { element = 'METHOD' excludes = [ - 'net.hostsharing.hsadminng.generated.**', + 'net.hostsharing.hsadminng.**.generated.**', 'net.hostsharing.hsadminng.HsadminNgApplication.main', - 'net.hostsharing.hsadminng.TestController.*' + 'net.hostsharing.hsadminng.PingController.*' ] limit { @@ -226,7 +243,7 @@ pitest { targetClasses = ['net.hostsharing.hsadminng.**'] excludedClasses = [ 'net.hostsharing.hsadminng.config.**', - 'net.hostsharing.hsadminng.generated.**' + 'net.hostsharing.hsadminng.**.generated.**' ] targetTests = ['net.hostsharing.hsadminng.**.*UnitTest', 'net.hostsharing.hsadminng.**.*RestTest'] diff --git a/src/main/java/net/hostsharing/hsadminng/TestController.java b/src/main/java/net/hostsharing/hsadminng/PingController.java similarity index 93% rename from src/main/java/net/hostsharing/hsadminng/TestController.java rename to src/main/java/net/hostsharing/hsadminng/PingController.java index c90dee65..5730c347 100644 --- a/src/main/java/net/hostsharing/hsadminng/TestController.java +++ b/src/main/java/net/hostsharing/hsadminng/PingController.java @@ -6,7 +6,7 @@ import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.ResponseBody; @Controller -public class TestController { +public class PingController { @ResponseBody @RequestMapping(value = "/api/ping", method = RequestMethod.GET) diff --git a/src/main/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantController.java b/src/main/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantController.java index ecd0f260..b3806f9f 100644 --- a/src/main/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantController.java +++ b/src/main/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantController.java @@ -1,8 +1,8 @@ package net.hostsharing.hsadminng.rbac.rbacgrant; import net.hostsharing.hsadminng.context.Context; -import net.hostsharing.hsadminng.generated.api.v1.api.RbacgrantsApi; -import net.hostsharing.hsadminng.generated.api.v1.model.RbacGrantResource; +import net.hostsharing.hsadminng.rbac.generated.api.v1.api.RbacGrantsApi; +import net.hostsharing.hsadminng.rbac.generated.api.v1.model.RbacGrantResource; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.ResponseEntity; import org.springframework.transaction.annotation.Transactional; @@ -18,7 +18,7 @@ import static net.hostsharing.hsadminng.Mapper.mapList; @RestController -public class RbacGrantController implements RbacgrantsApi { +public class RbacGrantController implements RbacGrantsApi { @Autowired private Context context; @@ -73,7 +73,7 @@ public class RbacGrantController implements RbacgrantsApi { final var uri = MvcUriComponentsBuilder.fromController(getClass()) - .path("/api/rbac/grants/{roleUuid}") + .path("/api/rbac.yaml/grants/{roleUuid}") .buildAndExpand(body.getGrantedRoleUuid()) .toUri(); return ResponseEntity.created(uri).body(map(granted, RbacGrantResource.class)); diff --git a/src/main/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleController.java b/src/main/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleController.java index 1f688591..70c809af 100644 --- a/src/main/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleController.java +++ b/src/main/java/net/hostsharing/hsadminng/rbac/rbacrole/RbacRoleController.java @@ -1,8 +1,8 @@ package net.hostsharing.hsadminng.rbac.rbacrole; import net.hostsharing.hsadminng.context.Context; -import net.hostsharing.hsadminng.generated.api.v1.api.RbacrolesApi; -import net.hostsharing.hsadminng.generated.api.v1.model.RbacRoleResource; +import net.hostsharing.hsadminng.rbac.generated.api.v1.api.RbacRolesApi; +import net.hostsharing.hsadminng.rbac.generated.api.v1.model.RbacRoleResource; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.ResponseEntity; import org.springframework.transaction.annotation.Transactional; @@ -14,7 +14,7 @@ import static net.hostsharing.hsadminng.Mapper.mapList; @RestController -public class RbacRoleController implements RbacrolesApi { +public class RbacRoleController implements RbacRolesApi { @Autowired private Context context; diff --git a/src/main/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserController.java b/src/main/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserController.java index 77507b50..24e0934d 100644 --- a/src/main/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserController.java +++ b/src/main/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserController.java @@ -1,9 +1,9 @@ package net.hostsharing.hsadminng.rbac.rbacuser; import net.hostsharing.hsadminng.context.Context; -import net.hostsharing.hsadminng.generated.api.v1.api.RbacusersApi; -import net.hostsharing.hsadminng.generated.api.v1.model.RbacUserPermissionResource; -import net.hostsharing.hsadminng.generated.api.v1.model.RbacUserResource; +import net.hostsharing.hsadminng.rbac.generated.api.v1.api.RbacUsersApi; +import net.hostsharing.hsadminng.rbac.generated.api.v1.model.RbacUserPermissionResource; +import net.hostsharing.hsadminng.rbac.generated.api.v1.model.RbacUserResource; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.ResponseEntity; import org.springframework.transaction.annotation.Transactional; @@ -17,7 +17,7 @@ import static net.hostsharing.hsadminng.Mapper.map; import static net.hostsharing.hsadminng.Mapper.mapList; @RestController -public class RbacUserController implements RbacusersApi { +public class RbacUserController implements RbacUsersApi { @Autowired private Context context; @@ -39,7 +39,7 @@ public class RbacUserController implements RbacusersApi { rbacUserRepository.create(saved); final var uri = MvcUriComponentsBuilder.fromController(getClass()) - .path("/api/rbac/users/{id}") + .path("/api/rbac.yaml/users/{id}") .buildAndExpand(saved.getUuid()) .toUri(); return ResponseEntity.created(uri).body(map(saved, RbacUserResource.class)); diff --git a/src/main/java/net/hostsharing/hsadminng/test/cust/TestCustomerController.java b/src/main/java/net/hostsharing/hsadminng/test/cust/TestCustomerController.java index cff9ef30..e592ddf6 100644 --- a/src/main/java/net/hostsharing/hsadminng/test/cust/TestCustomerController.java +++ b/src/main/java/net/hostsharing/hsadminng/test/cust/TestCustomerController.java @@ -1,8 +1,8 @@ package net.hostsharing.hsadminng.test.cust; import net.hostsharing.hsadminng.context.Context; -import net.hostsharing.hsadminng.generated.api.v1.api.TestCustomersApi; -import net.hostsharing.hsadminng.generated.api.v1.model.TestCustomerResource; +import net.hostsharing.hsadminng.test.generated.api.v1.api.TestCustomersApi; +import net.hostsharing.hsadminng.test.generated.api.v1.model.TestCustomerResource; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.ResponseEntity; import org.springframework.transaction.annotation.Transactional; diff --git a/src/main/java/net/hostsharing/hsadminng/test/pac/TestPackageController.java b/src/main/java/net/hostsharing/hsadminng/test/pac/TestPackageController.java index d625a4f9..a0f2600c 100644 --- a/src/main/java/net/hostsharing/hsadminng/test/pac/TestPackageController.java +++ b/src/main/java/net/hostsharing/hsadminng/test/pac/TestPackageController.java @@ -2,9 +2,9 @@ package net.hostsharing.hsadminng.test.pac; import net.hostsharing.hsadminng.OptionalFromJson; import net.hostsharing.hsadminng.context.Context; -import net.hostsharing.hsadminng.generated.api.v1.api.TestPackagesApi; -import net.hostsharing.hsadminng.generated.api.v1.model.TestPackageResource; -import net.hostsharing.hsadminng.generated.api.v1.model.TestPackageUpdateResource; +import net.hostsharing.hsadminng.test.generated.api.v1.api.TestPackagesApi; +import net.hostsharing.hsadminng.test.generated.api.v1.model.TestPackageResource; +import net.hostsharing.hsadminng.test.generated.api.v1.model.TestPackageUpdateResource; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.ResponseEntity; import org.springframework.transaction.annotation.Transactional; diff --git a/src/main/resources/api-definition.yaml b/src/main/resources/api-definition.yaml index 79d18d40..a81ef222 100644 --- a/src/main/resources/api-definition.yaml +++ b/src/main/resources/api-definition.yaml @@ -8,41 +8,6 @@ servers: paths: - # RBAC - - /api/rbac/users: - $ref: "./api-definition/rbac-users.yaml" - - /api/rbac/users/{userUuid}/permissions: - $ref: "./api-definition/rbac-users-with-id-permissions.yaml" - - /api/rbac/users/{userUuid}: - $ref: "./api-definition/rbac-users-with-uuid.yaml" - - /api/rbac/roles: - $ref: "./api-definition/rbac-roles.yaml" - - /api/rbac/grants: - $ref: "./api-definition/rbac-grants.yaml" - - /api/rbac/grants/{grantedRoleUuid}/{granteeUserUuid}: - $ref: "./api-definition/rbac-grants-with-id.yaml" - - - # Test-Entities for RBAC - - /api/test/customers: - $ref: "./api-definition/test-customers.yaml" - - /api/test/packages: - $ref: "./api-definition/test-packages.yaml" - - /api/test/packages/{packageUUID}: - $ref: "./api-definition/test-packages-uuid.yaml" - - - # Other - /api/ping: get: tags: diff --git a/src/main/resources/api-definition/README.md b/src/main/resources/api-definition/README.md deleted file mode 100644 index d26352cb..00000000 --- a/src/main/resources/api-definition/README.md +++ /dev/null @@ -1,5 +0,0 @@ -The symbolik self-link 'api-definition' is a workaround to align IntelliJ IDEAs relative link interpretation with the interpretation of OpenAPI-generator. -Where IDEA only uses the path of the file in which the `$ref` is used, -the OpenAPI-generator always uses the path of the root API definition to resolve relative links. - -See also https://github.com/OpenAPITools/openapi-generator/issues/10320. diff --git a/src/main/resources/api-definition/api-definition b/src/main/resources/api-definition/api-definition deleted file mode 120000 index 945c9b46..00000000 --- a/src/main/resources/api-definition/api-definition +++ /dev/null @@ -1 +0,0 @@ -. \ No newline at end of file diff --git a/src/main/resources/api-definition/rbac-grants.yaml b/src/main/resources/api-definition/rbac-grants.yaml deleted file mode 100644 index abd39ead..00000000 --- a/src/main/resources/api-definition/rbac-grants.yaml +++ /dev/null @@ -1,43 +0,0 @@ -get: - tags: - - rbacgrants - operationId: listUserGrants - parameters: - - $ref: './api-definition/auth.yaml#/components/parameters/currentUser' - - $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles' - responses: - "200": - description: OK - content: - 'application/json': - schema: - type: array - items: - $ref: './rbac-grant-schemas.yaml#/components/schemas/RbacGrant' - -post: - tags: - - rbacgrants - operationId: grantRoleToUser - parameters: - - $ref: './api-definition/auth.yaml#/components/parameters/currentUser' - - $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles' - requestBody: - required: true - content: - application/json: - schema: - $ref: './api-definition/rbac-grant-schemas.yaml#/components/schemas/RbacGrant' - responses: - "201": - description: OK - content: - 'application/json': - schema: - $ref: './api-definition/rbac-grant-schemas.yaml#/components/schemas/RbacGrant' - "401": - $ref: './api-definition/error-responses.yaml#/components/responses/Unauthorized' - "403": - $ref: './api-definition/error-responses.yaml#/components/responses/Forbidden' - "409": - $ref: './api-definition/error-responses.yaml#/components/responses/Conflict' diff --git a/src/main/resources/api-definition/rbac-roles.yaml b/src/main/resources/api-definition/rbac-roles.yaml deleted file mode 100644 index 9831628a..00000000 --- a/src/main/resources/api-definition/rbac-roles.yaml +++ /dev/null @@ -1,16 +0,0 @@ -get: - tags: - - rbacroles - operationId: listRoles - parameters: - - $ref: './api-definition/auth.yaml#/components/parameters/currentUser' - - $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles' - responses: - "200": - description: OK - content: - 'application/json': - schema: - type: array - items: - $ref: './api-definition/rbac-role-schemas.yaml#/components/schemas/RbacRole' diff --git a/src/main/resources/api-definition/rbac-users-with-uuid.yaml b/src/main/resources/api-definition/rbac-users-with-uuid.yaml deleted file mode 100644 index da1a02a1..00000000 --- a/src/main/resources/api-definition/rbac-users-with-uuid.yaml +++ /dev/null @@ -1,51 +0,0 @@ -get: - tags: - - rbacusers - description: 'Fetch a single user by its id, if visible for the current subject.' - operationId: getUserById - parameters: - - $ref: './api-definition/auth.yaml#/components/parameters/currentUser' - - $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles' - - name: userUuid - in: path - required: true - schema: - type: string - format: uuid - responses: - "200": - description: OK - content: - 'application/json': - schema: - $ref: './api-definition/rbac-user-schemas.yaml#/components/schemas/RbacUser' - - "401": - $ref: './api-definition/error-responses.yaml#/components/responses/Unauthorized' - "403": - $ref: './api-definition/error-responses.yaml#/components/responses/Forbidden' - - -delete: - tags: - - rbacusers - operationId: deleteUserByUuid - parameters: - - $ref: './api-definition/auth.yaml#/components/parameters/currentUser' - - $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles' - - name: userUuid - in: path - required: true - schema: - type: string - format: uuid - description: UUID of the user to delete. - responses: - "204": - description: No Content - "401": - $ref: './api-definition/error-responses.yaml#/components/responses/Unauthorized' - "403": - $ref: './api-definition/error-responses.yaml#/components/responses/Forbidden' - "404": - $ref: './api-definition/error-responses.yaml#/components/responses/NotFound' diff --git a/src/main/resources/api-definition/rbac-users.yaml b/src/main/resources/api-definition/rbac-users.yaml deleted file mode 100644 index 23ac4e7a..00000000 --- a/src/main/resources/api-definition/rbac-users.yaml +++ /dev/null @@ -1,48 +0,0 @@ -get: - tags: - - rbacusers - description: List accessible RBAC users with optional filter by name. - operationId: listUsers - parameters: - - $ref: './api-definition/auth.yaml#/components/parameters/currentUser' - - $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles' - - name: name - in: query - required: false - schema: - type: string - responses: - "200": - description: OK - content: - 'application/json': - schema: - type: array - items: - $ref: './api-definition/rbac-user-schemas.yaml#/components/schemas/RbacUser' - "401": - $ref: './api-definition/error-responses.yaml#/components/responses/Unauthorized' - "403": - $ref: './api-definition/error-responses.yaml#/components/responses/Forbidden' - -post: - tags: - - rbacusers - description: Create a new RBAC user. - operationId: createUser - requestBody: - required: true - content: - application/json: - schema: - $ref: './api-definition/rbac-user-schemas.yaml#/components/schemas/RbacUser' - responses: - "201": - description: Created - content: - 'application/json': - schema: - $ref: './api-definition/rbac-user-schemas.yaml#/components/schemas/RbacUser' - "409": - $ref: './api-definition/error-responses.yaml#/components/responses/Conflict' - diff --git a/src/main/resources/api-definition/rbac/api-mappings.yaml b/src/main/resources/api-definition/rbac/api-mappings.yaml new file mode 100644 index 00000000..84d80737 --- /dev/null +++ b/src/main/resources/api-definition/rbac/api-mappings.yaml @@ -0,0 +1,12 @@ +openapi-processor-mapping: v2 + +options: + package-name: net.hostsharing.hsadminng.rbac.generated.api.v1 + model-name-suffix: Resource + +map: + result: org.springframework.http.ResponseEntity + + types: + - type: array => java.util.List + - type: string:uuid => java.util.UUID diff --git a/src/main/resources/api-definition/rbac/auth.yaml b/src/main/resources/api-definition/rbac/auth.yaml new file mode 120000 index 00000000..ed775b8e --- /dev/null +++ b/src/main/resources/api-definition/rbac/auth.yaml @@ -0,0 +1 @@ +../auth.yaml \ No newline at end of file diff --git a/src/main/resources/api-definition/rbac/error-responses.yaml b/src/main/resources/api-definition/rbac/error-responses.yaml new file mode 120000 index 00000000..7e039a18 --- /dev/null +++ b/src/main/resources/api-definition/rbac/error-responses.yaml @@ -0,0 +1 @@ +../error-responses.yaml \ No newline at end of file diff --git a/src/main/resources/api-definition/rbac-grant-schemas.yaml b/src/main/resources/api-definition/rbac/rbac-grant-schemas.yaml similarity index 100% rename from src/main/resources/api-definition/rbac-grant-schemas.yaml rename to src/main/resources/api-definition/rbac/rbac-grant-schemas.yaml diff --git a/src/main/resources/api-definition/rbac-grants-with-id.yaml b/src/main/resources/api-definition/rbac/rbac-grants-with-id.yaml similarity index 54% rename from src/main/resources/api-definition/rbac-grants-with-id.yaml rename to src/main/resources/api-definition/rbac/rbac-grants-with-id.yaml index 74e6cc09..11f3aceb 100644 --- a/src/main/resources/api-definition/rbac-grants-with-id.yaml +++ b/src/main/resources/api-definition/rbac/rbac-grants-with-id.yaml @@ -1,10 +1,10 @@ get: tags: - - rbacgrants + - rbac-grants operationId: getGrantById parameters: - - $ref: './api-definition/auth.yaml#/components/parameters/currentUser' - - $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles' + - $ref: './auth.yaml#/components/parameters/currentUser' + - $ref: './auth.yaml#/components/parameters/assumedRoles' - name: grantedRoleUuid in: path required: true @@ -25,21 +25,21 @@ get: content: 'application/json': schema: - $ref: './api-definition/rbac-grant-schemas.yaml#/components/schemas/RbacGrant' + $ref: './rbac-grant-schemas.yaml#/components/schemas/RbacGrant' "401": - $ref: './api-definition/error-responses.yaml#/components/responses/Unauthorized' + $ref: './error-responses.yaml#/components/responses/Unauthorized' "403": - $ref: './api-definition/error-responses.yaml#/components/responses/Forbidden' + $ref: './error-responses.yaml#/components/responses/Forbidden' "404": - $ref: './api-definition/error-responses.yaml#/components/responses/NotFound' + $ref: './error-responses.yaml#/components/responses/NotFound' delete: tags: - - rbacgrants + - rbac-grants operationId: revokeRoleFromUser parameters: - - $ref: './api-definition/auth.yaml#/components/parameters/currentUser' - - $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles' + - $ref: './auth.yaml#/components/parameters/currentUser' + - $ref: './auth.yaml#/components/parameters/assumedRoles' - name: grantedRoleUuid in: path required: true @@ -58,8 +58,8 @@ delete: "204": description: No Content "401": - $ref: './api-definition/error-responses.yaml#/components/responses/Unauthorized' + $ref: './error-responses.yaml#/components/responses/Unauthorized' "403": - $ref: './api-definition/error-responses.yaml#/components/responses/Forbidden' + $ref: './error-responses.yaml#/components/responses/Forbidden' "404": - $ref: './api-definition/error-responses.yaml#/components/responses/NotFound' + $ref: './error-responses.yaml#/components/responses/NotFound' diff --git a/src/main/resources/api-definition/rbac/rbac-grants.yaml b/src/main/resources/api-definition/rbac/rbac-grants.yaml new file mode 100644 index 00000000..fd359a35 --- /dev/null +++ b/src/main/resources/api-definition/rbac/rbac-grants.yaml @@ -0,0 +1,43 @@ +get: + tags: + - rbac-grants + operationId: listUserGrants + parameters: + - $ref: './auth.yaml#/components/parameters/currentUser' + - $ref: './auth.yaml#/components/parameters/assumedRoles' + responses: + "200": + description: OK + content: + 'application/json': + schema: + type: array + items: + $ref: './rbac-grant-schemas.yaml#/components/schemas/RbacGrant' + +post: + tags: + - rbac-grants + operationId: grantRoleToUser + parameters: + - $ref: './auth.yaml#/components/parameters/currentUser' + - $ref: './auth.yaml#/components/parameters/assumedRoles' + requestBody: + required: true + content: + application/json: + schema: + $ref: './rbac-grant-schemas.yaml#/components/schemas/RbacGrant' + responses: + "201": + description: OK + content: + 'application/json': + schema: + $ref: './rbac-grant-schemas.yaml#/components/schemas/RbacGrant' + "401": + $ref: './error-responses.yaml#/components/responses/Unauthorized' + "403": + $ref: './error-responses.yaml#/components/responses/Forbidden' + "409": + $ref: './error-responses.yaml#/components/responses/Conflict' diff --git a/src/main/resources/api-definition/rbac-role-schemas.yaml b/src/main/resources/api-definition/rbac/rbac-role-schemas.yaml similarity index 100% rename from src/main/resources/api-definition/rbac-role-schemas.yaml rename to src/main/resources/api-definition/rbac/rbac-role-schemas.yaml diff --git a/src/main/resources/api-definition/rbac/rbac-roles.yaml b/src/main/resources/api-definition/rbac/rbac-roles.yaml new file mode 100644 index 00000000..8d139d6b --- /dev/null +++ b/src/main/resources/api-definition/rbac/rbac-roles.yaml @@ -0,0 +1,16 @@ +get: + tags: + - rbac-roles + operationId: listRoles + parameters: + - $ref: './auth.yaml#/components/parameters/currentUser' + - $ref: './auth.yaml#/components/parameters/assumedRoles' + responses: + "200": + description: OK + content: + 'application/json': + schema: + type: array + items: + $ref: './rbac-role-schemas.yaml#/components/schemas/RbacRole' diff --git a/src/main/resources/api-definition/rbac-user-schemas.yaml b/src/main/resources/api-definition/rbac/rbac-user-schemas.yaml similarity index 100% rename from src/main/resources/api-definition/rbac-user-schemas.yaml rename to src/main/resources/api-definition/rbac/rbac-user-schemas.yaml diff --git a/src/main/resources/api-definition/rbac-users-with-id-permissions.yaml b/src/main/resources/api-definition/rbac/rbac-users-with-id-permissions.yaml similarity index 52% rename from src/main/resources/api-definition/rbac-users-with-id-permissions.yaml rename to src/main/resources/api-definition/rbac/rbac-users-with-id-permissions.yaml index d3900363..c8353a88 100644 --- a/src/main/resources/api-definition/rbac-users-with-id-permissions.yaml +++ b/src/main/resources/api-definition/rbac/rbac-users-with-id-permissions.yaml @@ -1,11 +1,11 @@ get: tags: - - rbacusers + - rbac-users description: 'List all visible permissions granted to the given user; reduced ' operationId: listUserPermissions parameters: - - $ref: './api-definition/auth.yaml#/components/parameters/currentUser' - - $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles' + - $ref: './auth.yaml#/components/parameters/currentUser' + - $ref: './auth.yaml#/components/parameters/assumedRoles' - name: userUuid in: path required: true @@ -20,9 +20,9 @@ get: schema: type: array items: - $ref: './api-definition/rbac-user-schemas.yaml#/components/schemas/RbacUserPermission' + $ref: './rbac-user-schemas.yaml#/components/schemas/RbacUserPermission' "401": - $ref: './api-definition/error-responses.yaml#/components/responses/Unauthorized' + $ref: './error-responses.yaml#/components/responses/Unauthorized' "403": - $ref: './api-definition/error-responses.yaml#/components/responses/Forbidden' + $ref: './error-responses.yaml#/components/responses/Forbidden' diff --git a/src/main/resources/api-definition/rbac/rbac-users-with-uuid.yaml b/src/main/resources/api-definition/rbac/rbac-users-with-uuid.yaml new file mode 100644 index 00000000..52124ab9 --- /dev/null +++ b/src/main/resources/api-definition/rbac/rbac-users-with-uuid.yaml @@ -0,0 +1,51 @@ +get: + tags: + - rbac-users + description: 'Fetch a single user by its id, if visible for the current subject.' + operationId: getUserById + parameters: + - $ref: './auth.yaml#/components/parameters/currentUser' + - $ref: './auth.yaml#/components/parameters/assumedRoles' + - name: userUuid + in: path + required: true + schema: + type: string + format: uuid + responses: + "200": + description: OK + content: + 'application/json': + schema: + $ref: './rbac-user-schemas.yaml#/components/schemas/RbacUser' + + "401": + $ref: './error-responses.yaml#/components/responses/Unauthorized' + "403": + $ref: './error-responses.yaml#/components/responses/Forbidden' + + +delete: + tags: + - rbac-users + operationId: deleteUserByUuid + parameters: + - $ref: './auth.yaml#/components/parameters/currentUser' + - $ref: './auth.yaml#/components/parameters/assumedRoles' + - name: userUuid + in: path + required: true + schema: + type: string + format: uuid + description: UUID of the user to delete. + responses: + "204": + description: No Content + "401": + $ref: './error-responses.yaml#/components/responses/Unauthorized' + "403": + $ref: './error-responses.yaml#/components/responses/Forbidden' + "404": + $ref: './error-responses.yaml#/components/responses/NotFound' diff --git a/src/main/resources/api-definition/rbac/rbac-users.yaml b/src/main/resources/api-definition/rbac/rbac-users.yaml new file mode 100644 index 00000000..02f7d234 --- /dev/null +++ b/src/main/resources/api-definition/rbac/rbac-users.yaml @@ -0,0 +1,48 @@ +get: + tags: + - rbac-users + description: List accessible RBAC users with optional filter by name. + operationId: listUsers + parameters: + - $ref: './auth.yaml#/components/parameters/currentUser' + - $ref: './auth.yaml#/components/parameters/assumedRoles' + - name: name + in: query + required: false + schema: + type: string + responses: + '200': + description: OK + content: + 'application/json': + schema: + type: array + items: + $ref: './rbac-user-schemas.yaml#/components/schemas/RbacUser' + '401': + $ref: './error-responses.yaml#/components/responses/Unauthorized' + '403': + $ref: './error-responses.yaml#/components/responses/Forbidden' + +post: + tags: + - rbac-users + description: Create a new RBAC user. + operationId: createUser + requestBody: + required: true + content: + application/json: + schema: + $ref: './rbac-user-schemas.yaml#/components/schemas/RbacUser' + responses: + '201': + description: Created + content: + 'application/json': + schema: + $ref: './rbac-user-schemas.yaml#/components/schemas/RbacUser' + '409': + $ref: './error-responses.yaml#/components/responses/Conflict' + diff --git a/src/main/resources/api-definition/rbac/rbac.yaml b/src/main/resources/api-definition/rbac/rbac.yaml new file mode 100644 index 00000000..dc48fc05 --- /dev/null +++ b/src/main/resources/api-definition/rbac/rbac.yaml @@ -0,0 +1,28 @@ +openapi: 3.0.1 +info: + title: Hostsharing hsadmin-ng API + version: v0 +servers: + - url: http://localhost:8080 + description: Local development default URL. + +paths: + + /api/rbac/users: + $ref: './rbac-users.yaml' + + /api/rbac/users/{userUuid}/permissions: + $ref: './rbac-users-with-id-permissions.yaml' + + /api/rbac/users/{userUuid}: + $ref: './rbac-users-with-uuid.yaml' + + /api/rbac/roles: + $ref: './rbac-roles.yaml' + + /api/rbac/grants: + $ref: './rbac-grants.yaml' + + /api/rbac/grants/{grantedRoleUuid}/{granteeUserUuid}: + $ref: './rbac-grants-with-id.yaml' + diff --git a/src/main/resources/api-definition/test-packages-uuid.yaml b/src/main/resources/api-definition/test-packages-uuid.yaml deleted file mode 100644 index ae3f0425..00000000 --- a/src/main/resources/api-definition/test-packages-uuid.yaml +++ /dev/null @@ -1,29 +0,0 @@ -patch: - tags: - - testPackages - operationId: updatePackage - parameters: - - $ref: './api-definition/auth.yaml#/components/parameters/currentUser' - - $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles' - - name: packageUUID - in: path - required: true - schema: - type: string - format: uuid - requestBody: - content: - 'application/json': - schema: - $ref: './api-definition/test-package-schemas.yaml#/components/schemas/TestPackageUpdate' - responses: - "200": - description: OK - content: - 'application/json': - schema: - $ref: './api-definition/test-package-schemas.yaml#/components/schemas/TestPackage' - "401": - $ref: './api-definition/error-responses.yaml#/components/responses/Unauthorized' - "403": - $ref: './api-definition/error-responses.yaml#/components/responses/Forbidden' diff --git a/src/main/resources/api-definition/test-packages.yaml b/src/main/resources/api-definition/test-packages.yaml deleted file mode 100644 index 1671174b..00000000 --- a/src/main/resources/api-definition/test-packages.yaml +++ /dev/null @@ -1,25 +0,0 @@ -get: - tags: - - testPackages - operationId: listPackages - parameters: - - $ref: './api-definition/auth.yaml#/components/parameters/currentUser' - - $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles' - - name: name - in: query - required: false - schema: - type: string - responses: - "200": - description: OK - content: - 'application/json': - schema: - type: array - items: - $ref: './api-definition/test-package-schemas.yaml#/components/schemas/TestPackage' - "401": - $ref: './api-definition/error-responses.yaml#/components/responses/Unauthorized' - "403": - $ref: './api-definition/error-responses.yaml#/components/responses/Forbidden' diff --git a/src/main/resources/api-definition/test/api-mappings.yaml b/src/main/resources/api-definition/test/api-mappings.yaml new file mode 100644 index 00000000..f310a7eb --- /dev/null +++ b/src/main/resources/api-definition/test/api-mappings.yaml @@ -0,0 +1,16 @@ +openapi-processor-mapping: v2 + +options: + package-name: net.hostsharing.hsadminng.test.generated.api.v1 + model-name-suffix: Resource + +map: + result: org.springframework.http.ResponseEntity + + types: + - type: array => java.util.List + - type: string:uuid => java.util.UUID + + paths: + /api/test/packages/{packageUUID}: + null: org.openapitools.jackson.nullable.JsonNullable diff --git a/src/main/resources/api-definition/test-customer-schemas.yaml b/src/main/resources/api-definition/test/test-customer-schemas.yaml similarity index 100% rename from src/main/resources/api-definition/test-customer-schemas.yaml rename to src/main/resources/api-definition/test/test-customer-schemas.yaml diff --git a/src/main/resources/api-definition/test-customers.yaml b/src/main/resources/api-definition/test/test-customers.yaml similarity index 50% rename from src/main/resources/api-definition/test-customers.yaml rename to src/main/resources/api-definition/test/test-customers.yaml index f9570b42..449ed732 100644 --- a/src/main/resources/api-definition/test-customers.yaml +++ b/src/main/resources/api-definition/test/test-customers.yaml @@ -5,8 +5,8 @@ get: - testCustomers operationId: listCustomers parameters: - - $ref: './api-definition/auth.yaml#/components/parameters/currentUser' - - $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles' + - $ref: './auth.yaml#/components/parameters/currentUser' + - $ref: './auth.yaml#/components/parameters/assumedRoles' - name: prefix in: query required: false @@ -21,11 +21,11 @@ get: schema: type: array items: - $ref: './api-definition/test-customer-schemas.yaml#/components/schemas/TestCustomer' + $ref: './test-customer-schemas.yaml#/components/schemas/TestCustomer' "401": - $ref: './api-definition/error-responses.yaml#/components/responses/Unauthorized' + $ref: './error-responses.yaml#/components/responses/Unauthorized' "403": - $ref: './api-definition/error-responses.yaml#/components/responses/Forbidden' + $ref: './error-responses.yaml#/components/responses/Forbidden' post: summary: Adds a new customer. @@ -33,13 +33,13 @@ post: - testCustomers operationId: addCustomer parameters: - - $ref: './api-definition/auth.yaml#/components/parameters/currentUser' - - $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles' + - $ref: './auth.yaml#/components/parameters/currentUser' + - $ref: './auth.yaml#/components/parameters/assumedRoles' requestBody: content: 'application/json': schema: - $ref: './api-definition/api-definition/test-customer-schemas.yaml#/components/schemas/TestCustomer' + $ref: './test-customer-schemas.yaml#/components/schemas/TestCustomer' required: true responses: "201": @@ -47,10 +47,10 @@ post: content: 'application/json': schema: - $ref: './api-definition/test-customer-schemas.yaml#/components/schemas/TestCustomer' + $ref: './test-customer-schemas.yaml#/components/schemas/TestCustomer' "401": - $ref: './api-definition/error-responses.yaml#/components/responses/Unauthorized' + $ref: './error-responses.yaml#/components/responses/Unauthorized' "403": - $ref: './api-definition/error-responses.yaml#/components/responses/Forbidden' + $ref: './error-responses.yaml#/components/responses/Forbidden' "409": - $ref: './api-definition/error-responses.yaml#/components/responses/Conflict' + $ref: './error-responses.yaml#/components/responses/Conflict' diff --git a/src/main/resources/api-definition/test-package-schemas.yaml b/src/main/resources/api-definition/test/test-package-schemas.yaml similarity index 84% rename from src/main/resources/api-definition/test-package-schemas.yaml rename to src/main/resources/api-definition/test/test-package-schemas.yaml index 913c6b05..d9e6eb34 100644 --- a/src/main/resources/api-definition/test-package-schemas.yaml +++ b/src/main/resources/api-definition/test/test-package-schemas.yaml @@ -10,7 +10,7 @@ components: type: string format: uuid customer: - $ref: './api-definition/test-customer-schemas.yaml#/components/schemas/TestCustomer' + $ref: './test-customer-schemas.yaml#/components/schemas/TestCustomer' name: type: string description: diff --git a/src/main/resources/api-definition/test/test-packages-uuid.yaml b/src/main/resources/api-definition/test/test-packages-uuid.yaml new file mode 100644 index 00000000..6b3b1398 --- /dev/null +++ b/src/main/resources/api-definition/test/test-packages-uuid.yaml @@ -0,0 +1,29 @@ +patch: + tags: + - testPackages + operationId: updatePackage + parameters: + - $ref: './auth.yaml#/components/parameters/currentUser' + - $ref: './auth.yaml#/components/parameters/assumedRoles' + - name: packageUUID + in: path + required: true + schema: + type: string + format: uuid + requestBody: + content: + 'application/json': + schema: + $ref: './test-package-schemas.yaml#/components/schemas/TestPackageUpdate' + responses: + "200": + description: OK + content: + 'application/json': + schema: + $ref: './test-package-schemas.yaml#/components/schemas/TestPackage' + "401": + $ref: './error-responses.yaml#/components/responses/Unauthorized' + "403": + $ref: './error-responses.yaml#/components/responses/Forbidden' diff --git a/src/main/resources/api-definition/test/test-packages.yaml b/src/main/resources/api-definition/test/test-packages.yaml new file mode 100644 index 00000000..53bc128b --- /dev/null +++ b/src/main/resources/api-definition/test/test-packages.yaml @@ -0,0 +1,25 @@ +get: + tags: + - testPackages + operationId: listPackages + parameters: + - $ref: './auth.yaml#/components/parameters/currentUser' + - $ref: './auth.yaml#/components/parameters/assumedRoles' + - name: name + in: query + required: false + schema: + type: string + responses: + "200": + description: OK + content: + 'application/json': + schema: + type: array + items: + $ref: './test-package-schemas.yaml#/components/schemas/TestPackage' + "401": + $ref: './error-responses.yaml#/components/responses/Unauthorized' + "403": + $ref: './error-responses.yaml#/components/responses/Forbidden' diff --git a/src/main/resources/api-definition/test/test.yaml b/src/main/resources/api-definition/test/test.yaml new file mode 100644 index 00000000..a7f0b37f --- /dev/null +++ b/src/main/resources/api-definition/test/test.yaml @@ -0,0 +1,19 @@ +openapi: 3.0.1 +info: + title: Hostsharing hsadmin-ng API + version: v0 +servers: + - url: http://localhost:8080 + description: Local development default URL. + +paths: + + /api/test/customers: + $ref: "./test-customers.yaml" + + /api/test/packages: + $ref: "./test-packages.yaml" + + /api/test/packages/{packageUUID}: + $ref: "./test-packages-uuid.yaml" + diff --git a/src/main/resources/api-mappings.yaml b/src/main/resources/api-mappings.yaml index 583a74fc..2e51314b 100644 --- a/src/main/resources/api-mappings.yaml +++ b/src/main/resources/api-mappings.yaml @@ -6,11 +6,3 @@ options: map: result: org.springframework.http.ResponseEntity - - types: - - type: array => java.util.List - - type: string:uuid => java.util.UUID - - paths: - /api/test/packages/{packageUUID}: - null: org.openapitools.jackson.nullable.JsonNullable diff --git a/src/test/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantControllerAcceptanceTest.java b/src/test/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantControllerAcceptanceTest.java index c7ab5a34..d38cf1ab 100644 --- a/src/test/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantControllerAcceptanceTest.java +++ b/src/test/java/net/hostsharing/hsadminng/rbac/rbacgrant/RbacGrantControllerAcceptanceTest.java @@ -5,7 +5,6 @@ import io.restassured.http.ContentType; import io.restassured.response.ValidatableResponse; import net.hostsharing.hsadminng.Accepts; import net.hostsharing.hsadminng.HsadminNgApplication; -import net.hostsharing.hsadminng.context.Context; import net.hostsharing.hsadminng.context.ContextBasedTest; import net.hostsharing.hsadminng.rbac.rbacrole.RbacRoleEntity; import net.hostsharing.hsadminng.rbac.rbacrole.RbacRoleRepository;